We claim: 

1 1. A data control system comprising: 

2 a computer platform having hardware; said hardware capable of 

3 authenticating an operating system to be loaded on said hardware 

4 and preventing said operating system from being loaded onto said 

5 hardware when said operating system is not authenticated; 

6 said hardware having memory in which application programs and 

7 object files can be stored; 

8 said operating system capable of creating a firewall around data 

9 in memory pertaining to application programs and object files to 

10 control access to said application programs and object files; 

11 an input interface connected to said platform to allow input 

12 data to be received by said platform; said operating system capable 

13 of decrypting said input data and of authenticating said input 

14 data; 

15 said firewalls around said data in memory being capable of 

16 allowing said application programs to access said data in memory 

17 when approval of access is obtained from said application program 

18 and from said data in memory; and 

19 an output interface connected to said platform to allow said 

20 platform to transmit output data out of said platform; said output 

21 data being encrypted when transmitted. 

1 

1 2. A data control system as claimed in claim 1, wherein said 

2 hardware authenticates said operating system by verifying a digital 

3 signature associated with said operating system. 
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1 3. A data control system as claimed in claim 1, wherein said 

2 operating system decrypts said input data with a private decryption 

3 key unique to said platform. 
1 

1 4. A data control system as claimed in claim 1, wherein said 

2 operating system authenticates said input data by verifying a 

3 digital signature associated with said input data with a public 

4 signature key and input data that is not authenticated by said 

5 operating system is classified as insecure data. 
1 

1 5. A data control system as claimed in claim 3, further 

2 comprising a sending station capable of encrypting data with a 

3 public encryption key; said public encryption key being directly 

4 related to said private decryption key of said computer platform. 
1 

1 6. A data control system as claimed in claim 4, further 

2 comprising a sending station capable of creating a digital 

3 signature with a secret signature key; said secret signature key 

4 being distinctively associated with said sending station. 
1 

17. A data control system as claimed in claim 1, wherein said data 

2 in memory gives approval for access through an object handler 

3 associated with each of said object files when said data in memory 

4 pertains to said object files. 
1 
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1 8. A data control system as claimed in claim 1, wherein said 

2 output data is encrypted with an encryption key unique to said 

3 platform. 
1 

1 9. A data control system as claimed in claim 8, wherein said 

2 output data is decrypted with an decryption key associated with 

3 said public encryption key. 
1 

1 10. A data control system as claimed in claim 4, wherein said 

2 output interface encrypts said output data when said output data 

3 includes at least a portion of data that has been authenticated by 

4 said operating system. 
1 

1 11. A data control system as claimed in claim 1, wherein said 

2 operating system is capable of authenticating said input data by 

3 using a hash function. 
1 

1 12. A data control system comprising: 

2 a sending station, 

3 a plurality of receiving platforms, each of said receiving 

4 platforms having firmware and an operating system, said firmware 

5 authenticating said operating system, 

6 said sending station including: (a) a plurality of application 

7 programs, (b) a plurality of object files, (c) a plurality of 

8 handler programs, each associated with a separate one of said 

9 object files, and (d) a plurality of secret key encoded signatures, 
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10 each distinctive to a subset of said application programs and said 

11 object files, 

12 each of said receiving platforms being adapted to receive said 

13 application programs, object files, handlers and signatures, 

14 each of said receiving platforms having: (a) a public 

15 signature identification key to authenticate said signatures and 

16 (b) firewalls associated with said application programs and object 

17 files to control access to each of said application programs and 

18 object files, 

19 the one of said handler programs associated with each of said 

20 object files permitting access to the associated object files by an 

21 appropriate one or more of said application programs. 

22 each of said handler programs being programmable to permit 

23 multi-parameter control over access to the associated one of said 

24 object files. 
1 

1 13. The data control system of claim 12 wherein: said object files 

2 and said application programs at said sending station are encrypted 

3 with a public key unique to the receiving platform being addressed 

4 and wherein said encrypted object files and application programs 

5 are decrypted with a private key, at the receiving platform. 
1 

1 14. The data control system of claim 12 wherein said signature 

2 identification is provided through a signature creation algorithm 

3 and a secret key at said sending station and through a signature 

4 verification algorithm and a public key at each receiving platform. 
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1 15. The data control system of claim 13 wherein said signature 

2 identification is provided through a signature creation algorithm 

3 and a secret key at said sending station and through a signature 

4 verification algorithm and a public key at each receiving platform. 
1 

1 16. The system of claim 12 wherein: 

2 said sending station has a plurality of secret key encoded 

3 signatures, each signature being distinctive to a separate set of 

4 application programs and data texts , 

5 each receiving platform having a plurality of public signature 

6 identification keys to correspond to the plurality of secret keys 

7 at said sending station. 
1 

1 17. A method for providing a data control system, comprising the 

2 steps of: 

3 authenticating an operating system to be loaded on a computer 

4 platform; said authenticating step to be performed every time an 

5 operating system is loaded on said computer platform; 

6 verifying credentials of data transmitted to said computer 

7 platform before loading said data into memory of said computer 

8 platform; 

9 creating firewalls around data loaded into memory of said 

10 computer platform; 

11 decrypting data transmitted to said computer platform with a 

12 private decryption key unique to said computer platform; and 



13 encrypting data transferred out of said computer platform with 

14 a public encryption key unique to said computer platform and 

15 associated with said public decryption key. 
1 

1 18. A method as claimed in claim 17 wherein said authenticating 

2 step is performed by verifying a digital signature associated with 

3 said operating system. 
1 

1 19. A method as claimed in claim 17 further comprising the step of 

2 obtaining permission before allowing an application program to 

3 access data loaded into memory. 
1 

1 20. A method as claimed in claim 19 wherein said obtaining step is 

2 performed through object handlers. 
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ABSTRACT 



A computer platform is described that provides control 
features to allow for the protection of intellectual property 
rights and prevent malfunctioning of the platform. The platform 
uses 1) a secure operating system including a secure memory 
5 management system, 2) public key encryption, 3) data authentication 
through digital signatures and 4) application/data approval through 
a flexible access policy through the use of object handlers and an 
application program approval process. Through these four control 
features, the platform provides the ability to control access to 
10 data and minimize the effects of computer malfunctions. 



